NEW YORK CITY (JTA) – Israeli intelligence discovered that Russian hackers were using antivirus software to steal classified information from the United States, The New York Times reported. The antivirus software is made by a Russian company, Kaspersky Lab, that is used by 400 million people worldwide, including officials at about two dozen American government agencies.
The discovery led the Department of Homeland Security in September to order all federal executive branch agencies to stop using Kaspersky products, giving agencies 90 days to remove the software.
Classified documents reportedly were stolen from a National Security Agency employee who had improperly stored them on his home computer, which used Kaspersky antivirus software. It is not known what other information was gleaned by the Russian operation, according to The Times.
The Wall Street Journal reported recently that Russian hackers had stolen classified materials from a contractor using the Kaspersky software on his home computer. But the role of Israeli intelligence in discovering the hack and the Russian hackers’ use of Kaspersky software in a larger search for American classified information were not previously reported, according to The Times.
The Times reported that the National Security Agency, the White House, the Israeli Embassy and the Russian Embassy would not comment for its story. Kaspersky Lab denied any knowledge of or involvement in the Russian hacking.
The intelligence came from Israel’s 2014 hack into Kaspersky’s corporate systems, which was discovered by the company a year later and publicly reported, though it did not name Israel as the culprit. The company’s report did state, however, that the program was similar to the Duqu virus, which allows the hacker to eavesdrop on conversations and steal electronic files.
Duqu was attributed to the inventors of Stuxnet, the computer worm that set back Iran’s nuclear program by several months or years by affecting some of its computer systems and centrifuges used to enrich uranium after it was released in 2010. Stuxnet was reported to be a joint project of Israel and the U.S.
The Times reported that Israeli intelligence officers told the NSA that they uncovered evidence that the Russian government hackers were using the access to U.S. officials’ computers through the Kaspersky antivirus software to search for American government classified programs and providing any information to Russian intelligence. Israeli intelligence gave the NSA evidence including screenshots and other documentation, the newspaper reported, citing unnamed sources.